// // Your standard server-side xpc main // int main (int argc, char * const argv[]) { const char *name = serviceName; if (const char *s = getenv("SYSPOLICYNAME")) name = s; // extern char *optarg; extern int optind; int arg; while ((arg = getopt(argc, argv, "v")) != -1) switch (arg) { case 'v': break; case '?': usage(); } if (optind < argc) usage(); dispatch_queue_t queue = dispatch_queue_create("server", 0); xpc_connection_t service = xpc_connection_create_mach_service(name, queue, XPC_CONNECTION_MACH_SERVICE_LISTENER /* | XPC_CONNECTION_MACH_SERVICE_PRIVILEGED */); xpc_connection_set_event_handler(service, ^(xpc_object_t cmsg) { if (xpc_get_type(cmsg) == XPC_TYPE_CONNECTION) { xpc_connection_t connection = xpc_connection_t(cmsg); syslog(LOG_DEBUG, "Connection from pid %d", xpc_connection_get_pid(connection)); xpc_connection_set_event_handler(connection, ^(xpc_object_t msg) { if (xpc_get_type(msg) == XPC_TYPE_DICTIONARY) { const char *function = xpc_dictionary_get_string(msg, "function"); syslog(LOG_DEBUG, "pid %d requested %s", xpc_connection_get_pid(connection), function); xpc_object_t reply = xpc_dictionary_create_reply(msg); try { if (function == NULL) { xpc_dictionary_set_int64(reply, "error", errSecCSInternalError); } else if (!strcmp(function, "assess")) { doAssess(msg, reply); } else if (!strcmp(function, "update")) { doUpdate(msg, reply); } else if (!strcmp(function, "record")) { doRecord(msg, reply, connection); } else { xpc_dictionary_set_int64(reply, "error", errSecCSInternalError); } } catch (...) { xpc_dictionary_set_int64(reply, "error", errSecCSInternalError); } xpc_connection_send_message(connection, reply); xpc_release(reply); } }); xpc_connection_resume(connection); } else {
static void __XPC_Peer_Event_Handler(xpc_connection_t connection, xpc_object_t event) { syslog(LOG_NOTICE, "Received event in helper."); xpc_type_t type = xpc_get_type(event); if (type == XPC_TYPE_ERROR) { if (event == XPC_ERROR_CONNECTION_INVALID) { // The client process on the other end of the connection has either // crashed or cancelled the connection. After receiving this error, // the connection is in an invalid state, and you do not need to // call xpc_connection_cancel(). Just tear down any associated state // here. } else if (event == XPC_ERROR_TERMINATION_IMMINENT) { // Handle per-connection termination cleanup. } } else { xpc_object_t requestMessage = event; xpc_object_t replyMessage = xpc_dictionary_create_reply(requestMessage); // Process request and build a reply message. __XPC_Fetch_Process_Request(requestMessage, replyMessage); xpc_connection_send_message(connection, replyMessage); xpc_release(replyMessage); } }
int main(int argc, char *argv[]) { xpc_connection_t conn; if (argc < 2) { fprintf(stderr, "Usage: %s <mach service name>\n", argv[0]); return (1); } conn = xpc_connection_create_mach_service(argv[1], NULL, XPC_CONNECTION_MACH_SERVICE_LISTENER); xpc_connection_set_event_handler(conn, ^(xpc_object_t peer) { printf("New connection, peer=%p\n", peer); xpc_connection_set_event_handler(peer, ^(xpc_object_t event) { if (event == XPC_ERROR_CONNECTION_INVALID) { printf("Connection closed by remote end\n"); return; } if (xpc_get_type(event) != XPC_TYPE_DICTIONARY) { printf("Received something else than a dictionary!\n"); return; } printf("Message received: %p\n", event); printf("%s\n", xpc_copy_description(event)); xpc_object_t resp = xpc_dictionary_create(NULL, NULL, 0); xpc_dictionary_set_string(resp, "foo", "bar"); xpc_connection_send_message(peer, resp); });
CFErrorRef SecCreateCFErrorWithXPCObject(xpc_object_t xpc_error) { CFErrorRef result = NULL; if (xpc_get_type(xpc_error) == XPC_TYPE_DICTIONARY) { CFStringRef domain = NULL; const char * domain_string = xpc_dictionary_get_string(xpc_error, kDomainKey); if (domain_string != NULL) { domain = CFStringCreateWithCString(kCFAllocatorDefault, domain_string, kCFStringEncodingUTF8); } else { domain = sSecXPCErrorDomain; CFRetain(domain); } CFIndex code = (CFIndex) xpc_dictionary_get_int64(xpc_error, kCodeKey); const char *description = xpc_dictionary_get_string(xpc_error, kDescriptionKey); SecCFCreateErrorWithFormat(code, domain, NULL, &result, NULL, CFSTR("Remote error : %s"), description); CFReleaseSafe(domain); } else { SecCFCreateErrorWithFormat(kSecXPCErrorUnexpectedType, sSecXPCErrorDomain, NULL, &result, NULL, CFSTR("Remote error not dictionary!: %@"), xpc_error); } return result; }
static void xpcEventHandler(xpc_connection_t connection, xpc_object_t event) { syslog(LOG_NOTICE, "received event in helper"); xpc_type_t type = xpc_get_type(event); if (type == XPC_TYPE_ERROR) { if (event == XPC_ERROR_CONNECTION_INVALID) { // the client process on the other end of the connection has either // crashed or cancelled the connection. After receiving this error, // the connection is in an invalid state, and you do not need to // call xpc_connection_cancel(). Just tear down any associated state // here. } else if (event == XPC_ERROR_TERMINATION_IMMINENT) { // handle per-connection termination cleanup. } } else { xpc_connection_t remote = xpc_dictionary_get_remote_connection(event); const char* command = xpc_dictionary_get_string(event, "request"); syslog(LOG_NOTICE, "received command in helper: %s", command); system(command); xpc_object_t reply = xpc_dictionary_create_reply(event); xpc_dictionary_set_string(reply, "reply", "command has been executed"); xpc_connection_send_message(remote, reply); xpc_release(reply); } }
__private_extern__ libSC_info_client_t * libSC_info_client_create(dispatch_queue_t q, const char *service_name, const char *service_description) { xpc_connection_t c; libSC_info_client_t *client; #if !TARGET_IPHONE_SIMULATOR const uint64_t flags = XPC_CONNECTION_MACH_SERVICE_PRIVILEGED; #else // !TARGET_IPHONE_SIMULATOR const uint64_t flags = 0; #endif // !TARGET_IPHONE_SIMULATOR if (_has_forked) { return NULL; } client = malloc(sizeof(libSC_info_client_t)); client->active = TRUE; client->service_description = strdup(service_description); client->service_name = strdup(service_name); c = xpc_connection_create_mach_service(service_name, q, flags); xpc_connection_set_event_handler(c, ^(xpc_object_t xobj) { xpc_type_t type; type = xpc_get_type(xobj); if (type == XPC_TYPE_DICTIONARY) { asl_log(NULL, NULL, ASL_LEVEL_ERR, "%s: unexpected message", client->service_name); log_xpc_object(" dict = ", xobj); } else if (type == XPC_TYPE_ERROR) { if (xobj == XPC_ERROR_CONNECTION_INVALID) { asl_log(NULL, NULL, ASL_LEVEL_ERR, "%s: server not available", client->service_name); client->active = FALSE; } else if (xobj == XPC_ERROR_CONNECTION_INTERRUPTED) { asl_log(NULL, NULL, ASL_LEVEL_DEBUG, "%s: server failed", client->service_name); } else { const char *desc; desc = xpc_dictionary_get_string(xobj, XPC_ERROR_KEY_DESCRIPTION); asl_log(NULL, NULL, ASL_LEVEL_DEBUG, "%s: connection error: %d : %s", client->service_name, xpc_connection_get_pid(c), desc); } } else { asl_log(NULL, NULL, ASL_LEVEL_ERR, "%s: unknown event type : %p", client->service_name, type); } });
int main(){ xpc_connection_t conn = xpc_connection_create_mach_service("com.apple.networkd", NULL, XPC_CONNECTION_MACH_SERVICE_PRIVILEGED); xpc_connection_set_event_handler(conn, ^(xpc_object_t event) { xpc_type_t t = xpc_get_type(event); if (t == XPC_TYPE_ERROR){ printf("err: %s\n", xpc_dictionary_get_string(event, XPC_ERROR_KEY_DESCRIPTION)); } printf("received an event\n"); });
int main(int argc, const char * argv[]) { uint64_t action = 0; OSStatus status = noErr; uint8_t testkey[128] = "\xde\xad\xbe\xef\xde\xad\xbe\xef\xde\xad\xbe\xef\xde\xad\xbe\xef"; xpc_connection_t connection = xpc_connection_create_mach_service(SECURITYD_SERVICE_NAME, NULL, XPC_CONNECTION_MACH_SERVICE_PRIVILEGED); xpc_object_t message = NULL, reply = NULL; xpc_connection_set_event_handler(connection, ^(xpc_object_t event) { if (xpc_get_type(event) == XPC_TYPE_ERROR) { printf("XPC error\n"); } });
static OSStatus sendTSARequestWithXPC(const unsigned char *tsaReq, size_t tsaReqLength, const unsigned char *tsaURL, unsigned char **tsaResp, size_t *tsaRespLength) { __block OSStatus result = noErr; int timeoutInSeconds = 15; extern xpc_object_t xpc_create_with_format(const char * format, ...); dispatch_queue_t xpc_queue = dispatch_queue_create("com.apple.security.XPCTimeStampingService", DISPATCH_QUEUE_SERIAL); __block dispatch_semaphore_t waitSemaphore = dispatch_semaphore_create(0); dispatch_time_t finishTime = dispatch_time(DISPATCH_TIME_NOW, timeoutInSeconds * NSEC_PER_SEC); xpc_connection_t con = xpc_connection_create("com.apple.security.XPCTimeStampingService", xpc_queue); xpc_connection_set_event_handler(con, ^(xpc_object_t event) { xpc_type_t xtype = xpc_get_type(event); if (XPC_TYPE_ERROR == xtype) { tsaDebug("default: connection error: %s\n", xpc_dictionary_get_string(event, XPC_ERROR_KEY_DESCRIPTION)); } else { tsaDebug("default: unexpected connection event %p\n", event); } });
void send() { xpc_object_t reply = xpc_connection_send_message_with_reply_sync(service, obj); xpc_release(obj); obj = NULL; xpc_type_t type = xpc_get_type(reply); if (type == XPC_TYPE_DICTIONARY) { obj = reply; if (int64_t error = xpc_dictionary_get_int64(obj, "error")) MacOSError::throwMe(error); } else if (type == XPC_TYPE_ERROR) { const char *s = xpc_copy_description(reply); printf("Error returned: %s\n", s); free((char*)s); MacOSError::throwMe(errSecCSInternalError); } else { const char *s = xpc_copy_description(reply); printf("Unexpected type of return object: %s\n", s); free((char*)s); } }
static void security_auth_peer_event_handler(xpc_connection_t connection, xpc_object_t event) { __block OSStatus status = errAuthorizationDenied; connection_t conn = (connection_t)xpc_connection_get_context(connection); require_action(conn != NULL, done, LOGE("xpc[%i]: process context not found", xpc_connection_get_pid(connection))); CFRetainSafe(conn); xpc_type_t type = xpc_get_type(event); if (type == XPC_TYPE_ERROR) { if (event == XPC_ERROR_CONNECTION_INVALID) { // The client process on the other end of the connection has either // crashed or cancelled the connection. After receiving this error, // the connection is in an invalid state, and you do not need to // call xpc_connection_cancel(). Just tear down any associated state // here. LOGV("xpc[%i]: client disconnected", xpc_connection_get_pid(connection)); connection_destory_agents(conn); } else if (event == XPC_ERROR_TERMINATION_IMMINENT) { // Handle per-connection termination cleanup. LOGD("xpc[%i]: per-connection termination", xpc_connection_get_pid(connection)); } } else { assert(type == XPC_TYPE_DICTIONARY); xpc_object_t reply = xpc_dictionary_create_reply(event); require(reply != NULL, done); uint64_t auth_type = xpc_dictionary_get_uint64(event, AUTH_XPC_TYPE); LOGV("xpc[%i]: received message type=%llu", connection_get_pid(conn), auth_type); switch (auth_type) { case AUTHORIZATION_CREATE: status = authorization_create(conn,event,reply); break; case AUTHORIZATION_CREATE_WITH_AUDIT_TOKEN: status = authorization_create_with_audit_token(conn,event,reply); break; case AUTHORIZATION_FREE: status = authorization_free(conn,event,reply); break; case AUTHORIZATION_COPY_RIGHTS: status = authorization_copy_rights(conn,event,reply); break; case AUTHORIZATION_COPY_INFO: status = authorization_copy_info(conn,event,reply); break; case AUTHORIZATION_MAKE_EXTERNAL_FORM: status = authorization_make_external_form(conn,event,reply); break; case AUTHORIZATION_CREATE_FROM_EXTERNAL_FORM: status = authorization_create_from_external_form(conn,event,reply); break; case AUTHORIZATION_RIGHT_GET: status = authorization_right_get(conn,event,reply); break; case AUTHORIZATION_RIGHT_SET: status = authorization_right_set(conn,event,reply); break; case AUTHORIZATION_RIGHT_REMOVE: status = authorization_right_remove(conn,event,reply); break; case SESSION_SET_USER_PREFERENCES: status = session_set_user_preferences(conn,event,reply); break; case AUTHORIZATION_DISMISS: connection_destory_agents(conn); status = errAuthorizationSuccess; break; case AUTHORIZATION_ENABLE_SMARTCARD: status = authorization_enable_smartcard(conn,event,reply); break; case AUTHORIZATION_SETUP: { mach_port_t bootstrap = xpc_dictionary_copy_mach_send(event, AUTH_XPC_BOOTSTRAP); if (!process_set_bootstrap(connection_get_process(conn), bootstrap)) { if (bootstrap != MACH_PORT_NULL) { mach_port_deallocate(mach_task_self(), bootstrap); } } } status = errAuthorizationSuccess; break; #if DEBUG case AUTHORIZATION_DEV: server_dev(); break; #endif default: break; } xpc_dictionary_set_int64(reply, AUTH_XPC_STATUS, status); xpc_connection_send_message(connection, reply); xpc_release(reply); } done: CFReleaseSafe(conn); }